Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/KyRfcxrxqqpcslrFQWQYOPBIcZM.roa
File: KyRfcxrxqqpcslrFQWQYOPBIcZM.roa (raw, json)
Hash identifier: enoYB4EarJlxTEqTuba4w81FeajTLqt41EFvklFxHJQ=
Subject key identifier: 2B:24:5F:73:1A:F1:AA:AA:5C:B2:5A:C5:41:64:18:38:F0:48:71:93
Certificate issuer: /CN=07594568618898a9fb720ae09bed0ed1be4f857e
Certificate serial: 014D2ACE
Authority key identifier: 07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/KyRfcxrxqqpcslrFQWQYOPBIcZM.roa
Signing time: Sat 01 Jan 2022 03:54:17 +0000
ROA not before: Sat 01 Jan 2022 03:54:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57167
IP address blocks: 46.254.107.0/24 maxlen: 24
195.14.122.0/24 maxlen: 24
2a11:b100:b100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21834446 (0x14d2ace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07594568618898a9fb720ae09bed0ed1be4f857e
Validity
Not Before: Jan 1 03:54:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b245f731af1aaaa5cb25ac541641838f0487193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:01:1b:6b:03:21:df:5b:42:e0:c4:1d:af:56:
1e:f5:62:b0:4f:82:68:8f:51:fa:19:07:62:34:ec:
dd:e4:d1:8c:07:53:e4:bb:b7:2d:03:32:2c:fe:a3:
94:66:a4:da:0c:57:28:3c:9a:26:a2:a1:6a:30:0e:
dc:3c:e5:a6:9a:ff:88:e4:59:f6:bb:1e:a2:01:d1:
a7:cd:da:3b:d9:76:02:32:f6:3e:6d:71:5f:1a:ee:
e7:cd:e5:45:b0:9e:0f:3d:a9:5e:46:81:25:ca:8a:
29:d6:32:80:83:2d:2c:91:12:0f:d4:2d:3f:66:11:
44:06:c2:d9:62:33:12:70:a7:8e:dc:16:c3:b6:67:
1d:1c:c3:17:c0:bd:16:36:34:b3:8b:c7:97:2a:85:
f1:63:08:d1:7c:b6:18:9b:1c:de:79:b9:0c:35:d8:
53:75:1a:b1:f2:2b:f4:2a:05:36:41:51:40:54:53:
10:b2:a2:63:62:40:d3:b1:e1:23:10:c4:84:ea:bf:
69:b7:e3:45:ac:00:bb:92:7f:07:31:41:47:30:a1:
93:af:9b:97:87:db:06:d8:06:62:b4:42:4a:d6:99:
fd:0e:83:f2:d4:e8:a1:8a:08:5b:c9:0b:3f:b9:c2:
a6:c2:a7:4d:b5:a2:96:3c:66:86:b0:c3:b3:6b:22:
72:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:24:5F:73:1A:F1:AA:AA:5C:B2:5A:C5:41:64:18:38:F0:48:71:93
X509v3 Authority Key Identifier:
keyid:07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/KyRfcxrxqqpcslrFQWQYOPBIcZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/B1lFaGGImKn7cgrgm-0O0b5PhX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.107.0/24
195.14.122.0/24
IPv6:
2a11:b100:b100::/48
Signature Algorithm: sha256WithRSAEncryption
94:cb:17:b4:4a:11:88:1e:c2:22:fc:87:c7:2b:16:40:70:3a:
ed:ee:4e:90:c4:70:0d:71:a1:e1:9f:38:c2:d3:a7:1b:3a:a0:
66:42:35:c7:52:bc:18:7e:4f:59:79:d5:a1:83:da:7b:89:0b:
f8:7d:cc:fb:6f:0a:59:3f:87:dc:a3:53:f0:cb:97:06:fc:9d:
56:6f:71:07:b0:58:75:00:8d:64:90:c4:74:6c:43:3c:4e:96:
67:2e:98:45:2b:a3:52:74:12:90:2d:a5:06:24:ef:2d:94:0b:
83:77:ed:79:83:5b:39:e7:9e:4b:21:bf:41:18:9e:57:68:89:
c2:9c:de:fa:87:ad:86:17:79:f6:8f:f2:0f:70:8c:dc:4f:12:
ba:c3:a3:ae:b0:15:83:be:a8:5f:04:85:d2:da:49:23:4b:d6:
45:8c:89:69:67:25:ea:4e:cd:9c:18:79:08:49:cb:b1:59:93:
86:57:59:32:00:d8:c7:da:5d:ac:b2:7f:2c:2a:45:7a:ab:ed:
9f:31:72:ba:8b:54:ac:e5:a6:1b:8b:f5:69:84:13:8a:65:33:
64:75:69:09:c1:d1:e9:93:e3:67:e1:f4:6d:d4:2a:6a:83:15:
fd:0d:3d:c6:13:17:26:c3:1b:6c:e9:c8:ec:ed:a7:89:7e:ca:
28:88:b5:c3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEAU0qzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NzU5NDU2ODYxODg5OGE5ZmI3MjBhZTA5YmVkMGVkMWJlNGY4NTdlMB4XDTIyMDEw
MTAzNTQxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIyNDVmNzMxYWYx
YWFhYTVjYjI1YWM1NDE2NDE4MzhmMDQ4NzE5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUBG2sDId9bQuDEHa9WHvVisE+CaI9R+hkHYjTs3eTRjAdT
5Lu3LQMyLP6jlGak2gxXKDyaJqKhajAO3Dzlppr/iORZ9rseogHRp83aO9l2AjL2
Pm1xXxru583lRbCeDz2pXkaBJcqKKdYygIMtLJESD9QtP2YRRAbC2WIzEnCnjtwW
w7ZnHRzDF8C9FjY0s4vHlyqF8WMI0Xy2GJsc3nm5DDXYU3UasfIr9CoFNkFRQFRT
ELKiY2JA07HhIxDEhOq/abfjRawAu5J/BzFBRzChk6+bl4fbBtgGYrRCStaZ/Q6D
8tTooYoIW8kLP7nCpsKnTbWiljxmhrDDs2sicjkCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQrJF9zGvGqqlyyWsVBZBg48EhxkzAfBgNVHSMEGDAWgBQHWUVoYYiYqfty
CuCb7Q7Rvk+FfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0IxbEZhR0dJbUtuN2NncmdtLTBPMGI1UGhYNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvOWZhZGExLTYwZjktNGVmNy04MWQ4LTFlY2NiZTY3YzY2MS8x
L0t5UmZjeHJ4cXFwY3NsckZRV1FZT1BCSWNaTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
OWZhZGExLTYwZjktNGVmNy04MWQ4LTFlY2NiZTY3YzY2MS8xL0IxbEZhR0dJbUtu
N2NncmdtLTBPMGI1UGhYNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAC7+awMEAMMOejAPBAIAAjAJAwcA
KhGxALEAMA0GCSqGSIb3DQEBCwUAA4IBAQCUyxe0ShGIHsIi/IfHKxZAcDrt7k6Q
xHANcaHhnzjC06cbOqBmQjXHUrwYfk9ZedWhg9p7iQv4fcz7bwpZP4fco1Pwy5cG
/J1Wb3EHsFh1AI1kkMR0bEM8TpZnLphFK6NSdBKQLaUGJO8tlAuDd+15g1s5555L
Ib9BGJ5XaInCnN76h62GF3n2j/IPcIzcTxK6w6OusBWDvqhfBIXS2kkjS9ZFjIlp
ZyXqTs2cGHkIScuxWZOGV1kyANjH2l2ssn8sKkV6q+2fMXK6i1Ss5aYbi/VphBOK
ZTNkdWkJwdHpk+Nn4fRt1CpqgxX9DT3GExcmwxts6cjs7aeJfsooiLXD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:52 2023 by rpki-client on console-ams.rpki-client.org